CompTIA Security+ (SY0-601) — Question 306

Which of the following best describes a technique that compensates researchers for finding vulnerabilities?

Answer options

• A. Penetration testing
• B. Code review
• C. Wardriving
• D. Bug bounty

Correct answer: D

Explanation

The correct answer is D, Bug bounty, which refers to programs that provide monetary rewards to individuals who identify vulnerabilities. The other options, while related to security practices, do not offer compensation for finding vulnerabilities: A is about testing security measures, B involves examining code for errors, and C pertains to locating unsecured wireless networks.